Steps to setup Kerberos can be found in Daylite’s activity set for projects and clients.
As we know with just about everything DNS is critical so make sure it’s 100% before moving forward. It will save you countless time troubleshooting later.
Troubleshooting:
First check your principles then test using Ticket Viewer in CoreServices check your DNS again and finally clean up the client:
COMMANDS ARE CASE SENSITIVE
1. Delete the certificate via Terminal:
security delete-certificate -c "com.apple.kerberos.kdc" /Library/Keychains/System.keychain
2. Delete the local Kerberos configuration via Terminal:
dscl . -delete /Config/KerberosKDC
3. Kill the file that tells system not to setup a new local KDC:
rm /var/db/ .configureLocalKDC
4. Delete the remnants of the previous local KDC:
rm -R /var/db/krb5kdc
5. Create a new local KDC:
/usr/libexec/configureLocalKDC
Related Articles:
Mac OS X Server – LDAP Stopped / PANIC: fatal region error detected
Mac OS X Server – Kerberos is stopped